Uniform communication protocols for communication between controllers and accessories
Abstract
A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the accessory as a collection of services, each service having one or more characteristics. Within a secure communication session, the controller can interrogate the characteristics to determine accessory state and/or modify the characteristics to instruct the accessory to change its state.
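The pair verify step and the encrypted characteristic write described above, as an added example that is not code from the patent. The algorithm choices (Ed25519 long-term keys, X25519 ephemeral keys, HKDF-SHA256, AES-256-GCM), the shape of the definition record and all function names are assumptions; the accessory is constructed for the demonstration.

```javascript
const crypto = require('node:crypto');

// All algorithm choices below are assumptions for illustration.
const der = (key) => key.export({ type: 'spki', format: 'der' });
const deriveKey = (priv, pub) => Buffer.from(crypto.hkdfSync('sha256',
  crypto.diffieHellman({ privateKey: priv, publicKey: pub }),
  Buffer.alloc(0), 'pair-verify-demo', 32));
const transcript = (accEph, id, ctrlEph) =>
  Buffer.concat([der(accEph), Buffer.from(id), der(ctrlEph)]);

// Constructed accessory: a long-term signing key and a pair-verify responder.
function makeAccessory(id) {
  const lt = crypto.generateKeyPairSync('ed25519');
  return { id, ltpk: lt.publicKey, sessionKey: null,
    respond(ctrlEph) {
      const eph = crypto.generateKeyPairSync('x25519');
      this.sessionKey = deriveKey(eph.privateKey, ctrlEph);
      const sig = crypto.sign(null, transcript(eph.publicKey, id, ctrlEph), lt.privateKey);
      return { id, ephPub: eph.publicKey, sig };
    } };
}

// Controller: accept the session only if the signature verifies under the stored long-term key.
function pairVerify(pairings, accessory) {
  const eph = crypto.generateKeyPairSync('x25519');
  const resp = accessory.respond(eph.publicKey);
  const pinned = pairings.get(resp.id);
  if (!pinned) throw new Error('no pairing record for ' + resp.id);
  const msg = transcript(resp.ephPub, resp.id, eph.publicKey);
  if (!crypto.verify(null, msg, pinned, resp.sig)) throw new Error('long-term key mismatch');
  return deriveKey(eph.privateKey, resp.ephPub);
}

// Encrypt a characteristic write, refusing anything absent from the definition record.
function sealWrite(key, definition, service, characteristic, value) {
  if (!Object.prototype.hasOwnProperty.call(definition[service] || {}, characteristic)) {
    throw new Error('characteristic not in accessory definition record');
  }
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([c.update(JSON.stringify({ service, characteristic, value })), c.final()]);
  return { nonce, body, tag: c.getAuthTag() };
}

function openWrite(key, { nonce, body, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, nonce);
  d.setAuthTag(tag);
  return JSON.parse(Buffer.concat([d.update(body), d.final()]).toString());
}
```

A device that reuses a paired identifier but holds a different long-term key fails the signature check, so no session key is derived for it.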
237 Citations
22 Claims
1. A method comprising:
- detecting, by a controller, an accessory that is available for pairing;
- performing, by the controller, a pair setup operation to establish a pairing with the accessory, the pair setup operation including:
  - establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller;
  - using the shared secret to securely exchange a long-term public key of the accessory and a long-term public key of the controller; and
  - securely and persistently storing, by the controller, the long-term public key of the accessory in association with an identifier of the accessory;
- obtaining, by the controller, an accessory definition record from the paired accessory device, the accessory definition record identifying a set of services for performing operations of the paired accessory device, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device;
- receiving, at a user interface of the controller, an input that identifies a requested function of the paired accessory device to be performed;
- determining, based at least in part on the input, an operation characteristic of the paired accessory device to modify that will instruct the paired accessory device to perform the operation of the paired accessory device that corresponds to the requested function;
- performing a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and
- communicating, by the controller, a request to the paired accessory to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function, the communicated request being interpretable by the paired accessory device as an instruction to invoke the operation of the paired accessory device.

Dependent claims: 2, 3, 4, 5, 6

7. A controller comprising:
- a communication interface to communicate with one or more accessories;
- a secure storage element to securely store pairing records for one or more paired accessories;
- a data storage element configured to store accessory definition records for one or more paired accessories; and
- a processing subsystem coupled to the communication interface, the secure storage element, and the data storage element, the processing subsystem configured to:
  - detect an accessory that is available for pairing;
  - perform a pair setup operation to establish a pairing with one or more accessories, wherein establishing the pairing with an accessory of the one or more accessories includes:
    - establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller;
    - securely obtaining, from the accessory, a long-term public key of the accessory and a proof that the accessory has the out-of-band information item;
    - securely providing a long-term public key of the controller to the accessory; and
    - creating and persistently storing a pairing record for the accessory in the secure storage element, the pairing record including the long-term public key of the accessory;
  - obtain, after establishing the pairing with the accessory, an accessory definition record from the paired accessory, the accessory definition record identifying a set of services for performing operations of the paired accessory, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device;
  - receive, at a user interface of the controller, an input that identifies a requested function of the paired accessory to be performed;
  - determine, based at least in part on the input, an operation characteristic of the paired accessory to modify that will instruct the paired accessory to perform the operation of the paired accessory that corresponds to the requested function;
  - perform a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and
  - invoke the operation of the paired accessory by communicating to the paired accessory a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function.

Dependent claims: 8, 9, 10, 11

12. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by a controller device, configure the controller device to perform operations comprising:
- detecting an accessory that is available for pairing;
- performing a pair setup operation to establish a pairing with the accessory, the pair setup operation including:
  - establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller device;
  - using the shared secret to securely exchange a long-term public key of the accessory and a long-term public key of the controller device; and
  - securely and persistently storing the long-term public key of the accessory in association with an identifier of the accessory;
- obtaining an accessory definition record from the paired accessory device, the accessory definition record identifying a set of services for performing operations of the paired accessory device, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device;
- receiving, via a user interface, an input that identifies a requested function of the paired accessory device to be performed;
- determining, based at least in part on the input, an operation characteristic of the paired accessory device to modify that will instruct the paired accessory device to perform the operation of the paired accessory device that corresponds to the requested function;
- performing a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and
- communicating a request to the paired accessory to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function, the communicated request being interpretable by the paired accessory device as an instruction to invoke the operation of the paired accessory device.

Dependent claims: 13, 14, 15, 16, 17

18. A controller comprising:
- a communication interface to communicate with one or more accessories;
- a secure storage element to securely store pairing records for one or more paired accessories;
- a data storage element configured to store accessory definition records for one or more paired accessories; and
- a processing subsystem coupled to the communication interface, the secure storage element, and the data storage element, the processing subsystem configured to:
  - detect an accessory that is available for pairing;
  - perform a pair setup operation to establish a pairing with one or more accessories, wherein establishing the pairing with an accessory of the one or more accessories includes:
    - establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller, wherein the information item comprises digital certificate verification information obtained by the controller from a source other than the accessory, the digital certificate verification information usable to verify a digital certificate and signature received by the controller from the accessory;
    - securely obtaining, from the accessory, a long-term public key of the accessory and a proof that the accessory has the out-of-band information item;
    - securely providing a long-term public key of the controller to the accessory; and
    - creating and persistently storing a pairing record for the accessory in the secure storage element, the pairing record including the long-term public key of the accessory;
  - obtaining, after establishing a pairing with an accessory, an accessory definition record from the paired accessory, the accessory definition record including a set of services for performing operations of the paired accessory, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device;
  - receiving, at a user interface of the controller, an input that identifies a requested function of the paired accessory to be performed;
  - determining, based at least in part on the input, an operation characteristic of the paired accessory to modify that will instruct the paired accessory to perform the operation of the paired accessory that corresponds to the requested function;
  - performing a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and
  - invoking an operation of the paired accessory by communicating to the paired accessory a request to modify one or more of the operation characteristics specified in the accessory definition record that corresponds to the requested function.

Dependent claims: 19, 20, 21, 22

Specification